CN103248492A - Verifiable distributed private data comparing and sequencing method - Google Patents
Verifiable distributed private data comparing and sequencing method Download PDFInfo
- Publication number
- CN103248492A CN103248492A CN2013101957311A CN201310195731A CN103248492A CN 103248492 A CN103248492 A CN 103248492A CN 2013101957311 A CN2013101957311 A CN 2013101957311A CN 201310195731 A CN201310195731 A CN 201310195731A CN 103248492 A CN103248492 A CN 103248492A
- Authority
- CN
- China
- Prior art keywords
- client
- data
- private
- private data
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a verifiable distributed private data comparing and sequencing method, which comprises the steps that S1, a server distributes a corresponding public key and a corresponding private key for each client side respectively, verifies the private data of each client side and encrypts and signs the private data of each client side through the corresponding public key and the corresponding private key to form a corresponding certificate; S2, each client acquires the corresponding public key and the corresponding private key from the server; S3, all the client sides are inquired and are grouped in pairs, and the private data of two client sides in each group is compared according to the corresponding certificates to obtain the compared result; S4, the compared result of each group is verified according to the corresponding certificates; and S5, the effective compared results of the groups are regrouped, and S3 and S4 are repeated so as to obtain the sequencing result of the private data of all the client sides. After the method is applied, the privacy of data is ensured, and in addition, the client sides cannot fabricate data or fake, so that the reliability of the private data is improved.
Description
Technical field
The present invention relates to networking technology area, particularly a kind of comparison of distributed privacy data and sort method of verifying.
Background technology
In the relevant application of various data, usually all can use size of data comparison and sorting operation.Along with modern information technology development, the storage of a lot of data no longer has been the storage mode of center type, but is distributed on a plurality of clients.The perception data and the network data that collect such as node in the sensor network then are distributed on each sensor node; Data in the mobile social networking then are distributed on each user's the mobile phone; It is first-class that data in the distributed data base all are stored in a plurality of servers respectively.Be a challenging exercise question to being distributed in that data on the different clients carry out real-time comparison and how the data on a plurality of clients are sorted how.Had at present a large amount of distributed computing methods put forward address this problem, these method common concerns are intended to improve the efficient of calculating in calculating and the expense of communicating by letter, and have but ignored the protection to the data privacy.
In fact the data in a lot of the application are a kind of privacies; having sensitiveness need be protected; these data client are unwilling the data of oneself are exposed to any inquiry or other clients; for example in a lot of safety sensor net and mobile social networking; data on each transducer or the mobile phone need to be protected, and can not expose to the external world.Privacy concern serious day by day now, people have proposed and need distributed private data have been compared and sorting operation not exposing fully under the situation of client private data.
Traditional safety computational methods computing cost in many ways is all very big, especially almost can't carry out on the limited mobile device of computational resource, makes them as the sensing net, all is difficult to obtain practical application under a lot of scenes such as mobile social networking.And all relevant solutions have all focused on secret protection, guarantee that data are not revealed, and have ignored computing input and result's verifiability.Adopting the correctness of comparison that the inquiry of these methods obtains and ranking results all to be based upon client carries out on the hypothesis of this method honestly.In fact, malicious client is easy to forge its inputoutput data and the comparison and the ranking results that lead to errors, but traditional method but is difficult to such situation is verified and found.The computational methods that can't verify obviously can't satisfy the needs of the higher application of a large amount of fail safes like this.With this, we are badly in need of a kind of distributed privacy data of verifying in incredible environment relatively and the method for ordering, and this method need guarantee that it can efficiently play a role with lower calculating with communication overhead equally on a large amount of mobile computing devices and application scenarios.
Summary of the invention
Purpose of the present invention is intended to solve at least one of above-mentioned technological deficiency.
For this reason, the objective of the invention is to propose a kind of comparison of distributed privacy data and sort method of verifying.
For achieving the above object, embodiments of the invention propose a kind of comparison of distributed privacy data and sort method of verifying, may further comprise the steps: S1: third party's certificate server is respectively each client and distributes corresponding PKI and private key, the private data that is stored in each client is verified, and the private data of each client is encrypted and signs by described PKI and private key, to form the corresponding certificate of each client.The private data that comprises encryption in the corresponding certificate; S2: each client is obtained corresponding described PKI and private key from described third party's certificate server; S3: inquiring client terminal divides into groups the client that all participate in ordering in twos, and according to the size of two client private datas of more described each packets inner of described corresponding certificate, to obtain the comparative result of each grouping private data; S4: according to the comparative result of described corresponding each grouping of certification authentication; S5: the method by merge sort is divided into groups again to effective comparative result of each grouping, and repeating step S3 and step S4, to obtain the ranking results of all client private datas.
In one embodiment of the invention, comprise private data after the described encryption in the described corresponding certificate.
In one embodiment of the invention, the private data of described inquiring client terminal after by the encryption that comprises in the described corresponding certificate judged the validity of described private data
In one embodiment of the invention, described inquiring client terminal compares two sizes of encrypting private datas in each grouping, and the checking comparative result.
According to the method for the embodiment of the invention, guaranteed the privacy of data, guaranteed that all clients can't forge the reliability that false data or fraud have improved private data.
The aspect that the present invention adds and advantage part in the following description provide, and part will become obviously from the following description, or recognize by practice of the present invention.
Description of drawings
Above-mentioned and/or the additional aspect of the present invention and advantage are from obviously and easily understanding becoming the description of embodiment below in conjunction with accompanying drawing, wherein:
Fig. 1 for the distributed privacy data that can verify according to an embodiment of the invention relatively with the flow chart of sort method.
Embodiment
Describe embodiments of the invention below in detail, the example of embodiment is shown in the drawings, and wherein identical or similar label is represented identical or similar elements or the element with identical or similar functions from start to finish.Be exemplary below by the embodiment that is described with reference to the drawings, only be used for explaining the present invention, and can not be interpreted as limitation of the present invention.
Fig. 1 for the distributed privacy data that can verify according to an embodiment of the invention relatively with the flow chart of sort method.As shown in Figure 1, the comparison of distributed privacy data and the sort method verified according to the embodiment of the invention may further comprise the steps:
Step S101, third party's certificate server is respectively each client and distributes corresponding PKI and private key, the private data that is stored in each client is verified, and the private data of each client is encrypted and signs by PKI and private key, to form the corresponding certificate of each client.The private data that comprises encryption in the corresponding certificate.
Particularly, private data is stored in n client, each client P
iData be v
iThird party's certificate server P
T, have the key of a pair of Digital Signature Algorithm, comprise PKI Pk
TWith private key Sk
TDuring initialization, each client needs to be connected to this third party's certificate server P
TObtain sign, key, and to its private data v
iVerify: P
TTo distribute to each client P
iA unique sign ID
iP
TAdopt quick Paillier encryption system, be each P
iGenerate unique PKI and private key Pk
iAnd Sk
iDefinition E
i(v
i, r
i) the quick Paillier cryptographic algorithm P of expression use
iPKI Pk
iTo v
iBe encrypted, wherein r
iIt is the random number as the cryptographic algorithm input.P
iSelect a series of random number { δ
kSend to P
TP
TChecking v
iLegitimacy, use a series of random number { δ then
kMultiply by v respectively
iObtain set { δ
kv
i.P
TUse user P
iPKI Pk
iEncrypt { δ
kAnd { δ
kv
i, P then
TRespectively the value in two set is carried out Hash, again to cryptographic Hash P
TPrivate key Sk
TSign and obtain { Sig (E
i(δ
k, r
i)), { Sig (E
i(δ
kv
i, r
i')).Last P
TAbove content is formed the set { C (P of a series of certificates of these data
i, δ
kv
i)={<Sig (ID
i), E
i(v
i, r
i), E
i(δ
k, r
i), E
i(δ
kv
i, r
i'), Sig (E
i(δ
k, r
i)), Sig (E
i(δ
kv
i, r
i')), Pk
i, Pk
T>also this certificate (i.e. signature) is presented to user P
i
Step S102, each client is obtained corresponding PKI and private key from third party's certificate server.
Particularly, inquiring client terminal P
aWhen initialization, need be connected to third party's certificate server P
TObtain sign, key.P
TAdopt quick Paillier encryption system, be P
aGenerate unique PKI and private key Pk
aAnd Sk
a
Step S103, inquiring client terminal divides into groups the client that all participate in ordering in twos, and according to the corresponding certificate size of two client private datas of each packets inner relatively, to obtain the comparative result of each grouping private data.
Particularly, inquiring client terminal P
aN client is divided into two one group, and broadcasts its group result and P
aPKI Pk
aP
aSend the private data size of message initiated each group relatively.Make P
1And P
2Be one group of client wherein, its private data is respectively v
1And v
2, and by following process comparison P
1And P
2The private data size.
Compare P
1And P
2The comparison procedure of private data size is: user P
1Randomly from v
1Set of certificates { C (P
1, δ
kv
1) in to select a certificate be C (P
1, δ
1v
lSig (the ID of)=<
1), E
1(v
1, r
1), E
1(δ
1, r
1), E
1(δ
1v
1, r
1'), Sig (E
1(δ
1, r
1)), Sig (E
1(δ
1v
1, r
1')), Pk
1, Pk
T>
, and utilize P
aAnd P
2Public key encryption calculate m
11=E
2(E
a(δ
1v
1, r
1a), r
12) and m
12=E
2(E
a(r
1', r
1)).P
1With C (P
1, δ
1v
1), m
11, m
12Send to P
2Then, client P
2At random from v
2Set of certificates { C (P
2, δ
kv
2) to select a certificate be C (P
2, δ
2v
2Sig (the ID of)=<
2), E
2(v
2, r
2), E
2(δ
2, r
2), E
2(δ
2v
2, r
2'), Sig (E
2(δ
2, r
2)), Sig (E
1(δ
2v
2, r
2')), Pk
2, Pk
T
And utilize P
aAnd P
1Public key encryption calculate m
21=E
1(E
a(δ
2v
2, r
2a), r
21) and m
22=E
1(E
a(r
2', r
2)).P
2With C (P
2, δ
2v
2), m
21, m
22Send to P
1P again
1Utilize the PKI Pk of third party's certificate server
TAuthentication certificate C (P
2, δ
2v
2) value, to P
2Input verify, as the checking by then showing P
2Input correct, otherwise show P
2Input value is played tricks.P then
1Deciphering m
21And m
22, and use certificate C (P
2, δ
2v
2) in value utilize the Palliar encryption system to carry out homomorphism in ciphertext to calculate following value: e
11=E
a(δ
1δ
2v
2, δ
1r
2a), e
12=E
a(E
2(δ
1δ
2v
1, δ
1v
1r
2)), e
13=E
a(E
2(δ
1δ
2v
2, δ
1r
2')), e
14=E
a(δ
1r
2', δ
1r
2), e
15=E
a(δ
2v
2r
1, r
1r
2').
P
1With Pk
1, e
11, e
12, e
13, e
14, e
15Send to inquiring client terminal P
a
P
2Utilize the PKI Pk of third party's certificate server
TAuthentication certificate C (P
1, δ
1v
1) value, to P
1Input verify, as the checking by then showing P
1Input correct, otherwise show P
1Input value is played tricks.P then
2Deciphering m
11And m
12, and use certificate C (P
1, δ
1v
1) in value utilize the Palliar encryption system to carry out homomorphism in ciphertext to calculate following value:
e
21=E
a(δ
1δ
2v
1,δ
2r
1a),e
22=E
a(E
1(δ
1δ
2v
2,δ
2v
2r
1)),e
23=E
a(E
1(δ
1δ
2v
1,δ
2r
1')),e
24=E
a(δ
2r
1’δ
2r
1),e
25=E
a(δ
1v
1r
2,r
1’r
2)。
P
2With Pk
2, e
21, e
22, e
23, e
24, e
25The person P that sends to the data query
a
Define D herein
i(e) quick Paillier decipherment algorithm is used in expression, uses P
i, private key Sk
iE is decrypted.Data query person P
aDeciphering d
1=D
a(e
11) and d
2=D
a(e
21), compare d
1And d
2Size obtain v
1, v
2Big or small comparative result, if d
1>d
2V then
1<v
2; If d
1=d
2V then
1=v
2; If d
1<d
2V then
1>v
2
Step S104 is according to the comparative result of corresponding each grouping of certification authentication.
Particularly, the data query person is to v
1, v
2Big or small comparative result verify, particularly, data query client P
aDeciphering e
14, e
15, e
24, e
25, obtain δ
1r
2', δ
2v
2r
1, δ
2r
1', δ
1v
1r
2, and calculate following equation: E
2(d
1, δ
1r
2')=D
a(e
13), E
1(d
1, δ
2v
2r
1)=D
a(e
22), E
1(d
2, δ
2r
1')=D
a(e
23), E
2(d
2, δ
1v
1r
2)=D
a(e
12).
If satisfy above-mentioned four equatioies, P then be described
aObtain correct comparative result, otherwise explanation result of calculation is invalid its inefficacy private data is not sorted.
Step S105 divides into groups by the method for merge sort again to effective comparative result of each grouping, and repeating step S103 and step S104, to obtain the ranking results of all client private datas.
Particularly, if distributed clients has only two, namely n=2 then comparison procedure to step S104 end, from v
1, v
2Big or small comparative result can obtain ranking results; If n>2, and P
aNeed obtain n user's ranking results, carry out further comparing and ordering according to step S105.By step S104 every pair of grouping client is all handled the comparative result that obtains every group of private data size, and its result is sorted and verifies.P then
aNeeds adopt the method for merge sort that the two adjacent groups client is compared and sort.So P
aThe two adjacent groups client is taken out client respectively according to the principle of merge sort constitute new grouping, finish until all private datas are sorted, and ranking results is exported.Table 1 is the data of quick Paillier cryptographic algorithm.
Table 1
According to the method for the embodiment of the invention, have following advantage:
(1) can carry out data relatively and ordering to the private data of distributed store on multi-client.
(2) all client datas all use client public key to be encrypted, and only client private key can be deciphered, and have guaranteed the privacy of data.
(3) by authentication mechanism, guarantee that all clients can't import false data, can not to relatively and ranking results play tricks.
(4) calculating by quick Paillier system consumes lessly, can be supported on the mobile device and use, and makes to have enlarged range of application.
Although illustrated and described embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment under the situation that does not break away from principle of the present invention and aim within the scope of the invention, modification, replacement and modification.
Claims (4)
1. the comparison of distributed privacy data and the sort method that can verify is characterized in that, may further comprise the steps:
S1: third party's certificate server is respectively each client and distributes corresponding PKI and private key, the private data that is stored in each client is verified, and the private data of each client is encrypted and signs by described PKI and private key, to form the corresponding certificate of each client;
S2: each client is obtained corresponding described PKI and private key from described third party's certificate server;
S3: inquiring client terminal divides into groups the client that all participate in ordering in twos, and according to the size of two client private datas of more described each packets inner of described corresponding certificate, to obtain the comparative result of each grouping private data;
S4: according to the comparative result of described corresponding each grouping of certification authentication;
S5: the method by merge sort is divided into groups again to effective comparative result of each grouping, and repeating step S3 and step S4, to obtain the ranking results of all client private datas.
2. the comparison of distributed privacy data and the sort method of verifying as claimed in claim 1 is characterized in that, comprises the private data after the described encryption in the described corresponding certificate.
3. the comparison of distributed privacy data and the sort method of verifying as claimed in claim 1 or 2 is characterized in that, the private data of described inquiring client terminal after by the encryption that comprises in the described corresponding certificate judged the validity of described private data.
4. the comparison of distributed privacy data and the sort method of verifying as claimed in claim 1 is characterized in that, described inquiring client terminal compares two sizes of encrypting private datas in each grouping, and the checking comparative result.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013101957311A CN103248492A (en) | 2013-05-23 | 2013-05-23 | Verifiable distributed private data comparing and sequencing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013101957311A CN103248492A (en) | 2013-05-23 | 2013-05-23 | Verifiable distributed private data comparing and sequencing method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103248492A true CN103248492A (en) | 2013-08-14 |
Family
ID=48927728
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2013101957311A Pending CN103248492A (en) | 2013-05-23 | 2013-05-23 | Verifiable distributed private data comparing and sequencing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103248492A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951472A (en) * | 2014-03-29 | 2015-09-30 | 华为技术有限公司 | Data statistics method based on distribution |
CN110061828A (en) * | 2019-04-04 | 2019-07-26 | 西安电子科技大学 | Distributed digital endorsement method without trusted party |
CN111046409A (en) * | 2019-12-16 | 2020-04-21 | 支付宝(杭州)信息技术有限公司 | Private data multi-party security calculation method and system |
CN112307056A (en) * | 2019-07-31 | 2021-02-02 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102984156A (en) * | 2012-11-30 | 2013-03-20 | 无锡赛思汇智科技有限公司 | Verifiable distributed privacy data comparing and sorting method and device |
CN103064931A (en) * | 2012-12-21 | 2013-04-24 | 清华大学 | Verifiable privacy data comparison and ranking query method |
-
2013
- 2013-05-23 CN CN2013101957311A patent/CN103248492A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102984156A (en) * | 2012-11-30 | 2013-03-20 | 无锡赛思汇智科技有限公司 | Verifiable distributed privacy data comparing and sorting method and device |
CN103064931A (en) * | 2012-12-21 | 2013-04-24 | 清华大学 | Verifiable privacy data comparison and ranking query method |
Non-Patent Citations (1)
Title |
---|
LAN ZHANG, ET AL.: "Verifiable private multi-party computation: Ranging and ranking", 《INFOCOM, 2013 PROCEEDINGS IEEE》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951472A (en) * | 2014-03-29 | 2015-09-30 | 华为技术有限公司 | Data statistics method based on distribution |
WO2015149497A1 (en) * | 2014-03-29 | 2015-10-08 | 华为技术有限公司 | Distributed data statistical method |
CN110061828A (en) * | 2019-04-04 | 2019-07-26 | 西安电子科技大学 | Distributed digital endorsement method without trusted party |
CN110061828B (en) * | 2019-04-04 | 2021-05-04 | 西安电子科技大学 | Distributed digital signature method without trusted center |
CN112307056A (en) * | 2019-07-31 | 2021-02-02 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
CN112307056B (en) * | 2019-07-31 | 2024-02-06 | 华控清交信息科技(北京)有限公司 | Data processing method and device for data processing |
CN111046409A (en) * | 2019-12-16 | 2020-04-21 | 支付宝(杭州)信息技术有限公司 | Private data multi-party security calculation method and system |
CN111046409B (en) * | 2019-12-16 | 2021-04-13 | 支付宝(杭州)信息技术有限公司 | Private data multi-party security calculation method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
He et al. | An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks | |
AU2017395785B2 (en) | Voting system and method | |
CN108964919B (en) | Lightweight anonymous authentication method with privacy protection based on Internet of vehicles | |
Cui et al. | HCPA-GKA: A hash function-based conditional privacy-preserving authentication and group-key agreement scheme for VANETs | |
CN102984156B (en) | A kind of distributed private data Comparison and ranking method of verifying and device | |
CN107508686B (en) | Identity authentication method and system, computing device and storage medium | |
Wang et al. | 2FLIP: A two-factor lightweight privacy-preserving authentication scheme for VANET | |
CN102170352B (en) | Method of using ECDSA with winternitz one time signature | |
WO2018004783A1 (en) | Public key infrastructure using blockchains | |
CN103064931B (en) | The private data that can verify compares and rank querying method | |
US10742426B2 (en) | Public key infrastructure and method of distribution | |
CN107493273A (en) | Identity identifying method, system and computer-readable recording medium | |
CN106878318A (en) | A kind of block chain real time polling cloud system | |
CN109818730B (en) | Blind signature acquisition method and device and server | |
CN110932865B (en) | Linkable ring signature generation method based on SM2 digital signature algorithm | |
CN101951388A (en) | Remote attestation method in credible computing environment | |
ES2894726T3 (en) | Consensus Protocol for Authorized Ledgers | |
CN113221184A (en) | Internet of things system and device based on block chain network | |
CN110867012A (en) | Method, device and system for de-centering electronic voting based on intelligent contract and storage medium | |
Kanumalli et al. | Secure V2V Communication in IOV using IBE and PKI based Hybrid Approach | |
CN106209730A (en) | A kind of method and device managing application identities | |
CN103248492A (en) | Verifiable distributed private data comparing and sequencing method | |
CN114520726A (en) | Processing method and device based on block chain data, processor and electronic equipment | |
CN109766716A (en) | A kind of anonymous bidirectional authentication method based on trust computing | |
Ogundoyin | An Efficient, Secure and Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad-hoc Networks. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130814 |